CVE-2021-27391 PUBLISHED CVSS 10 CRITICAL

A vulnerability has been identified in APOGEE MBC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE MEC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE PXC Compact (BACnet) (All versions < V3.5.3), APOGEE PXC Compact (P2 Ethernet) (All versions >= V2.8), APOGEE PXC Modular (BACnet) (All versions < V3.5.3), APOGEE PXC Modular (P2 Ethernet) (All versions >= V2.8), TALON TC Compact (BACnet) (All versions < V3.5.3), TALON TC Modular (BACnet) (All versions < V3.5.3). The web server of affected devices lacks proper bounds checking when parsing the Host parameter in HTTP requests, which could lead to a buffer overflow. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the device with root privileges.

EPSS 2.86% · 86.1st percentile

Risk Scores

CVSS v2.0: 10
EPSS Score: 2.86% (86.1st percentile)

Affected Products

Vendor   | Product                                          | Versions
---------+--------------------------------------------------+------------------------
siemens  | talon_tc_modular_(bacnet)_firmware               | 0
Siemens  | APOGEE MBC (PPC) (P2 Ethernet)                   | All versions >= V2.6.3
siemens  | talon_tc_compact_(bacnet)_firmware               | 0
Siemens  | TALON TC Compact (BACnet)                        | All versions < V3.5.3
siemens  | apogee_mbc_(ppc)_(p2_ethernet)_firmware          | 0
Siemens  | APOGEE PXC Compact (BACnet)                      | All versions < V3.5.3
siemens  | apogee_mec_(ppc)_(p2_ethernet)_firmware          | 0
Siemens  | APOGEE PXC Modular (P2 Ethernet)                 | All versions >= V2.8
siemens  | apogee_pxc_compact_(p2_ethernet)_firmware        | 0
siemens  | apogee_pxc_modular_(p2_ethernet)_firmware        | 0
Siemens  | TALON TC Modular (BACnet)                        | All versions < V3.5.3
Siemens  | APOGEE MEC (PPC) (P2 Ethernet)                   | All versions >= V2.6.3
siemens  | apogee_pxc_bacnet_automation_controller_firmware | 0
siemens  | apogee_pxc_modular_(bacnet)_firmware             | 0
Siemens  | APOGEE PXC Modular (BACnet)                      | *
Siemens  | APOGEE PXC Compact (P2 Ethernet)                 | All versions >= V2.8
